github.com/argoproj/argo-cd@v1.8.7/manifests/crds/appproject-crd.yaml (about)

     1  apiVersion: apiextensions.k8s.io/v1beta1
     2  kind: CustomResourceDefinition
     3  metadata:
     4    labels:
     5      app.kubernetes.io/name: appprojects.argoproj.io
     6      app.kubernetes.io/part-of: argocd
     7    name: appprojects.argoproj.io
     8  spec:
     9    group: argoproj.io
    10    names:
    11      kind: AppProject
    12      listKind: AppProjectList
    13      plural: appprojects
    14      shortNames:
    15      - appproj
    16      - appprojs
    17      singular: appproject
    18    scope: Namespaced
    19    validation:
    20      openAPIV3Schema:
    21        description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)'
    22        properties:
    23          apiVersion:
    24            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
    25            type: string
    26          kind:
    27            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
    28            type: string
    29          metadata:
    30            type: object
    31          spec:
    32            description: AppProjectSpec is the specification of an AppProject
    33            properties:
    34              clusterResourceBlacklist:
    35                description: ClusterResourceBlacklist contains list of blacklisted cluster level resources
    36                items:
    37                  description: GroupKind specifies a Group and a Kind, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types
    38                  properties:
    39                    group:
    40                      type: string
    41                    kind:
    42                      type: string
    43                  required:
    44                  - group
    45                  - kind
    46                  type: object
    47                type: array
    48              clusterResourceWhitelist:
    49                description: ClusterResourceWhitelist contains list of whitelisted cluster level resources
    50                items:
    51                  description: GroupKind specifies a Group and a Kind, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types
    52                  properties:
    53                    group:
    54                      type: string
    55                    kind:
    56                      type: string
    57                  required:
    58                  - group
    59                  - kind
    60                  type: object
    61                type: array
    62              description:
    63                description: Description contains optional project description
    64                type: string
    65              destinations:
    66                description: Destinations contains list of destinations available for deployment
    67                items:
    68                  description: ApplicationDestination contains deployment destination information
    69                  properties:
    70                    name:
    71                      description: Name of the destination cluster which can be used instead of server (url) field
    72                      type: string
    73                    namespace:
    74                      description: Namespace overrides the environment namespace value in the ksonnet app.yaml
    75                      type: string
    76                    server:
    77                      description: Server overrides the environment server value in the ksonnet app.yaml
    78                      type: string
    79                  type: object
    80                type: array
    81              namespaceResourceBlacklist:
    82                description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources
    83                items:
    84                  description: GroupKind specifies a Group and a Kind, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types
    85                  properties:
    86                    group:
    87                      type: string
    88                    kind:
    89                      type: string
    90                  required:
    91                  - group
    92                  - kind
    93                  type: object
    94                type: array
    95              namespaceResourceWhitelist:
    96                description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources
    97                items:
    98                  description: GroupKind specifies a Group and a Kind, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types
    99                  properties:
   100                    group:
   101                      type: string
   102                    kind:
   103                      type: string
   104                  required:
   105                  - group
   106                  - kind
   107                  type: object
   108                type: array
   109              orphanedResources:
   110                description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project
   111                properties:
   112                  ignore:
   113                    items:
   114                      properties:
   115                        group:
   116                          type: string
   117                        kind:
   118                          type: string
   119                        name:
   120                          type: string
   121                      type: object
   122                    type: array
   123                  warn:
   124                    description: Warn indicates if warning condition should be created for apps which have orphaned resources
   125                    type: boolean
   126                type: object
   127              roles:
   128                description: Roles are user defined RBAC roles associated with this project
   129                items:
   130                  description: ProjectRole represents a role that has access to a project
   131                  properties:
   132                    description:
   133                      description: Description is a description of the role
   134                      type: string
   135                    groups:
   136                      description: Groups are a list of OIDC group claims bound to this role
   137                      items:
   138                        type: string
   139                      type: array
   140                    jwtTokens:
   141                      description: JWTTokens are a list of generated JWT tokens bound to this role
   142                      items:
   143                        description: JWTToken holds the issuedAt and expiresAt values of a token
   144                        properties:
   145                          exp:
   146                            format: int64
   147                            type: integer
   148                          iat:
   149                            format: int64
   150                            type: integer
   151                          id:
   152                            type: string
   153                        required:
   154                        - iat
   155                        type: object
   156                      type: array
   157                    name:
   158                      description: Name is a name for this role
   159                      type: string
   160                    policies:
   161                      description: Policies Stores a list of casbin formated strings that define access policies for the role in the project
   162                      items:
   163                        type: string
   164                      type: array
   165                  required:
   166                  - name
   167                  type: object
   168                type: array
   169              signatureKeys:
   170                description: List of PGP key IDs that commits to be synced to must be signed with
   171                items:
   172                  description: SignatureKey is the specification of a key required to verify commit signatures with
   173                  properties:
   174                    keyID:
   175                      description: The ID of the key in hexadecimal notation
   176                      type: string
   177                  required:
   178                  - keyID
   179                  type: object
   180                type: array
   181              sourceRepos:
   182                description: SourceRepos contains list of repository URLs which can be used for deployment
   183                items:
   184                  type: string
   185                type: array
   186              syncWindows:
   187                description: SyncWindows controls when syncs can be run for apps in this project
   188                items:
   189                  description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps
   190                  properties:
   191                    applications:
   192                      description: Applications contains a list of applications that the window will apply to
   193                      items:
   194                        type: string
   195                      type: array
   196                    clusters:
   197                      description: Clusters contains a list of clusters that the window will apply to
   198                      items:
   199                        type: string
   200                      type: array
   201                    duration:
   202                      description: Duration is the amount of time the sync window will be open
   203                      type: string
   204                    kind:
   205                      description: Kind defines if the window allows or blocks syncs
   206                      type: string
   207                    manualSync:
   208                      description: ManualSync enables manual syncs when they would otherwise be blocked
   209                      type: boolean
   210                    namespaces:
   211                      description: Namespaces contains a list of namespaces that the window will apply to
   212                      items:
   213                        type: string
   214                      type: array
   215                    schedule:
   216                      description: Schedule is the time the window will begin, specified in cron format
   217                      type: string
   218                  type: object
   219                type: array
   220            type: object
   221        required:
   222        - metadata
   223        - spec
   224        type: object
   225    version: v1alpha1
   226    versions:
   227    - name: v1alpha1
   228      served: true
   229      storage: true